Context of practice
Online teaching of the first year of a master’s degree at a virtual university.
Problem and objectives
During a routine review of the university platform, the security team detects an attempt of unauthorised access to the student database. The main objective will be to resolve this security issue and put in place new data protection measures to avoid similar situations in the future.
Tools and resources
The University’s platform would be upgraded to be more secure by contracting a company dedicated to this sector. Use of VPN for secure connections. Authentication for access to the platform would be strengthened. Training for teachers and students on good cyber security practices.
Description of practice
A detailed assessment of the unauthorized access attempt is carried out to determine the extent of the problem and potential damage. Suspicious IP addresses are blocked and passwords of compromised accounts are reset as a precautionary measure. All platform users are informed of the security incident and reminded of the importance of maintaining strong passwords and being vigilant for suspicious activity. Security patches are implemented and intrusion detection systems are updated to prevent attacks. Platform security policies are reviewed and strengthened, including implementing stronger password policies and limiting login attempts.
Expected results
– Following the implementation of measures, it is expected that data protection and cybersecurity on the platform will be significantly improved. Users will feel more secure and confident in the security of their personal data after the training.
Strengths or advantages
Rapid and effective response to security incidents. Implementation of proactive measures to prevent future attacks. Increased security training for teachers and students.
Risks or weaknesses
Potential previous undetected security breaches. Reliance on staff capacity to identify and adequately respond to cyber threats despite training.
Need for support
Continue to assess and update security measures to prevent future threats. Further investment in security technologies and continued cyber security training for all staff using the platform.